Shocker? Companies still unprepared to deal with ransomware
Companies and government agencies are overwhelmed by frequent, severe ransomware attacks, which have now become the #1 cyber threat to organizations, according to Crowd Research Partners.
How confident are you that your organization’s defenses are capable of detecting and blocking ransomware before it spreads and infects critical systems and files?
The ransomware study is based on a comprehensive online survey of 516 cybersecurity professionals, providing insight into the latest ransomware trends together with guidance on addressing the evolving ransomware threat.
“In many respects, ransomware is a game changer. It is incredibly easy and inexpensive for cybercriminals to execute highly profitable attacks on a global scale,” said Holger Schulze, CEO and Founder of Cybersecurity Insiders. “Many organizations are alarmingly unprepared for the ransomware onslaught.”
What has been the impact of ransomware attacks on your organization in the past 12 months?
Ransomware is the fastest growing security threat, perceived as a moderate or extreme threat by 80% of cybersecurity professionals. 75% of organizations affected by ransomware experienced up to 5 attacks in the last 12 months alone, 25% experienced 6 or more attacks. Only a small fraction of respondents say they would pay the ransom or negotiate with the attackers.
Email and web use represent the most common ransomware infection vectors with employees opening malicious email attachments (73%), responding to a phishing email (54%) or visiting a compromised website (28%). From a solution perspective, the majority of identified ransomware attacks were detected through endpoint security tools (83%), email and web gateways (64%), and intrusion detection systems (46%).
How confident are you in your organization’s current ability to remediate ransomware AFTER it locks or encrypts data within your systems?
Security professionals rank user awareness training the most effective tactic to prevent and block ransomware (77%), followed by endpoint security solutions (73%), and patching of operating systems (72%) as preventive approaches to ransomware threats. 51% are only slightly to moderately confident of their organization’s ransomware defense.
A majority (54%) say they could recover from a successful ransomware attack within a day, while 39% estimate it will take more than one day to a few weeks to recover. Speed of recovery is absolutely mission-critical as business cost escalates with every hour the business cannot fully operate.